Tag Archives: Christopher Graham

Loose Data Affecting Student Career Prospects

Students are not facing the most prosperous times with regards to career prospects but recent data suggests that many are concerned about data they post online affecting their chances of getting a job.

In fact of the 500 students surveyed in a study conducted by ICO, 42% expressed concern that personal data hanging around online may affect whether companies would take them on.

Christopher Graham, Information Commissioner stated “In touch times, young people are clearly less relaxed about privacy, particularly in relation to information that they post online – but many may not know what they can do about it.”

The study revealed that for one reason or another students are failing to take steps to maintain privacy. One in three (33%) of students have not got around to re-directing their post from a previous residence.

A shocking 75% have not checked their credit rating in the past year with 66% admitting they have never checked it.  This leaves them wide open to suspicious credit applications.

The ICO have conducted this survey as part of their 2011 Student Brand Ambassador Campaign. Graham comments “The Student Brand Ambassador campaign is about arming students with the advice they need to protect themselves from obvious dangers such as identity theft and keeping their social lives private.”

At Backup Technology we always look to take on graduates who have extra-curricular interests and who have had fun throughout conducting their studies. However undesirable data encountered online could severely impede students being granted an interview.

ACS Law owner escapes with just £1000 fine following data breach

A law firm which gained notoriety in 2009 and 2010 for sending hundreds of letters to alleged illegal file sharers claiming they owed money for copyright infringement, has been fined by the Information Commissioner’s Office (ICO).

Andrew Crossley, owner of law firm ACS:Law, was hit with the fine following a data breach to the company’s website in September 2010. The site was successfully hacked and the personal details of approximately 6000 people were exposed. People’s names, addresses and credit card details were all obtainable following the hack.
An investigation by the ICO said it found seriously flaws in the firms security systems around it’s IT infrastructure. Christopher Graham speaking on behalf of the ICO said

“Sensitive personal details relating to thousands of people were made available for download to a worldwide audience and will have caused them embarrassment and considerable distress. The security measures ACS Law had in place were barely fit for purpose in a person’s home environment, let alone a business handling such sensitive details.”

The law firm ceased trading in February this year. This has meant the fine received by Crossley is a drop in the ocean compared to the £200,000 fine ACS:Law could have received, as he is now a sole trader, the ICO confirmed.

In January this year the firm dropped its cases against the alleged file sharers mainly due to their being a lack of evidence presented to the court, at the time Judge Birss criticising the firm calling the case ‘mind boggling’. Crossley himself released a statement through the court citing criminal attacks and bomb threats as reason for ACS:Law dropping the cases against the accused.

ICO Launches UK Code of Practice on Data Sharing

A new statutory code has been published recently by the ICO. The new release hopes to help businesses and public sector bodies share information appropriately.

The code aims to produce a better understanding of when, where and how personal information should be shared and details how to keep data secure. It will also produce a better relationship between organisations wishing to share their data. Furthermore there will be less chance of breaking the law and consequent enforcement action by the ICO and other regulators.

The ICO’s data sharing code of practice covers both routine in addition to one-off instances of data sharing. The release incudes advice for organisations which wish to share personal information. An example scenario would be when a local authority wishes to share data with a health service.

Such codes of conduct are relevant in such instances as when local authorities wish to share data with health authorities. Furthermore it gives advice on how the data protection act applies to data sharing.

Information commissioner Christopher Graham commented:

“Few would argue that sharing data can play an important role in providing an efficient service to consumers in both the public and private sector. More and more transactions are done online – from shopping and banking to managing tax and health records. People now have an expectation that, where appropriate and necessary, their personal details may be shared. However, this does not mean that companies or public bodies can do this just as they see fit. The public rightly want to remain in control of who is using their information and why, and they need to feel confident that it is being kept safe.”

In a further statement Graham said:
“The code of practice we’ve issued today offers a best practice approach that can be applied in all sectors. It reflects the constructive comments we received during the consultation period, meaning that we can be confident that it not only makes sense on paper but will also work in the real world too. I’d encourage all businesses and public bodies that share personal data to get to grips with the code without delay so they can be sure they are getting it right.”

ICO warns UK businesses: New EU cookies law must be followed

Monday night saw a warning to all business from the Information Commissioner’s Office that they must “wake up” and take action to a new law, which will be enforced on the 25th May 2011. This law changes the EU’s Privacy and Electronic Communications Directive. The change will require business to obtain website visitors permission to store and retrieve usage information from users’ computers.

A cookie is a piece of text stored on a users computer by their web browser. It is generated by the websites that the user visits and usually stores information that can be users to save user preferences, shopping carts and authentication.

Information Commissioner, Christopher Graham, said:

“While the roll out of this new law will be a challenge, it will have positive benefits as it will give people more choice and control over what, information businesses and other organisations can store on and access from consumers’ own computers.

“The Directive will come into force in less than two months time and businesses and organizations running websites in the UK must wake up to the fact that this is happening. We are proactively working with the government, businesses and the public sector to find a workable solution. We recognize that the internet as we know it today depends on the widespread use of cookies and there are of course legitimate business reasons for using them. So we are clear that these changes must not have a detrimental impact on consumers nor cause an unnecessary burden on UK businesses. One option being considered is to allow consent to the use of cookies to be given via browser settings.

“Once the new regulations are published there will be a major job of education and guidance to be undertaken. In the meantime, both the business community and public sector organizations need to start thinking clearly about how they will meet the requirements of the new Directive.”

The law change is being lead by the Department for Culture, Media and Sport. With Ed Vaizey commenting. “Businesses need to be working to address the way they use cookies. We recognize that work will not be complete by the implementation deadline. The government is clear that it will take time for meaningful solutions to be developed, evaluated and rolled out.”

Justice Minister Lord McNally said:
“A strong and independent Information Commissioner is vital to ensuring our personal data is kept safe, as well as keeping public bodies open to scrutiny. The government recently announced measures to enhance the ICO’s independence even further, by giving it more freedom to make corporate and operation decisions..

“As technology advances it brings new opportunities, but also new ways our data can be misused, which is why we have been gathering evidence on how the current data protection laws are working and considering ideas on how the current data protection regime can be improved.”

Ground breaking data loss fines approved

After a long process of decision making and debate, the Ministry of Justice has ratified the request from the Information Commissioner’s Office (ICO) that it be allowed to raise fines against any business that is found to be in breach of the Data Protection Act.

The ICO will now be able to demand up to half a million pounds from firms which fail to adequately protect the personal information of their clients and the new rules will begin to be enforced from April this year.

The government held a public consultation in order to assess whether giving the ICO such powers would be adequate to help tackle complacency and inadequacies in the data security measures employed by enterprises in the UK.

Christopher Graham, who is the Information Commissioner, said that the growing number of interactions between businesses and customers which involve the online entry of information and the subsequent storage of personal information has led to far more serious instances of data loss.

Mr Graham also reaffirmed his dedication to cooperation with public and private bodies in order to ensure that compliance with data protection legislation was fulfilled across the board. However, he also said that he would not be afraid to make use of the newly granted powers against those who continue to flout good data security practise.

Michael Wills, the minister for Justice, said that in general, a majority of organisations were in compliance with the conditions of the data protection act and that these new fines would hopefully deter any firms from ignoring them.

In order to reach a decision as to the total fine which should be levelled against a given organisation in the event of non-compliance, various factors will be calculated. For example, the extent of the data loss and the potential threat it poses to the involved parties will be weighed against whether the firm had knowingly failed to meet government guidelines.

Experts believe that although the new fines show real intent, many will be waiting to see how the first penalties are allocated to analyse the seriousness of the ICO’s intent. Despite the belief that only the biggest firms will suffer the most significant fines in the face of data loss, it is hoped that these new powers will act as a wake-up call to businesses of all sizes.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal